Which of the following is not defined in the X.509 standard? (Wentz QOTD)
A. Distinguished encoding rules
B. Subject alternative name
C. Issuer distinguished name
D. Subject distinguished name
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is A. Distinguished encoding rules.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
PKI Certificate Encoding
One notable element not defined in the X.509 standard is how the certificate contents should be encoded to be stored in files. However, there are two encoding schemas commonly used to store digital certificates in files:
Distinguished Encoding Rules (DER) – most common, as the schema addresses most data objects. Certificates encoded by DER are binary files and cannot be read by text editors, but can be processed by web browsers and many client applications.
Privacy Enhanced Mail (PEM) – an encrypted email encoding schema that can be used to convert DER-encoded certificates into text files.
Source: Sectigo
Reference
- What Is an X.509 Certificate & How Does It Work?
- A SSL Certificate File Extension Explanation: PEM, PKCS7, DER, and PKCS#12
- Digital Certificate
X.509 標準中沒有定義以下哪項? (Wentz QOTD)
A. 區分編碼規則 (Distinguished encoding rules)
B. 主題替代名稱 (Subject alternative name)
C. 發行人專有名稱 (Issuer distinguished name)
D. 主題專有名稱 (Subject distinguished name)